Forwarded from: "eric wolbrom, CISSP" <ericat_private> http://abcnews.go.com/sections/business/TechTV/techtv_employee_revenge_020604.html June 4 -- There was a time when vindictive former employees sought revenge by taking a couple of office supplies or spreading rumors about the boss. But in today's computerized offices, angry workers and disgruntled employees can access computer systems and destroy data with a click of the mouse, causing millions of dollars in damage. Richard Hunter, an analyst with Gartner, says that while cybersabotage is rampant and rising, companies are usually too embarrassed to report cases. A recent FBI survey of anonymous companies showed 85 percent had a computer intrusion in the last year. Of these intrusions, 30 percent were from outside hackers, while 70 percent came from people associated with the company. Despite the wall of silence, we managed to dig up some notable cases of employee sabotage. Below you'll find five examples of disgruntled employees who wreaked havoc on corporate computer systems and ended up in jail. Crashing Forbes: A Forbes computer technician deliberately caused five of the publisher's eight network servers to crash as retribution for his termination from a temporary position. All the information on the affected servers was erased, and no data could be restored. As a result of this one act of sabotage, Forbes was forced to shut down its New York operations for two days and sustained losses in excess of $100,000. E-Mail overload: Lockheed Martin's email system crashed for six hours after an employee sent 60,000 co-workers a personal email message complete with a request for an electronic receipt. The defense contractor, which posts 40 million emails a month, was forced to fly in a Microsoft rescue squad to repair the damage caused by the employee. Data destruction at Verizon: A 32-year-old Florida man pleaded guilty to a charge of intentionally damaging protected computers at a network support center owned by Verizon Communications. Verizon said that at 3 a.m. on a weekday the employee began to erase data contained in the computers and entered a command that prevented anyone from stopping the destruction process. His actions resulted in more than $200,000 in damage. He now faces up to 10 years in prison and a $250,000 fine. Server sabotage: A Hewlett-Packard employee sabotaged important tests on one of HP's new computer servers, giving it lower performance results that cost millions of dollars in resources and lost sales, according to a lawsuit filed by HP. Just before he was fired, the employee reformatted important computer disks, cut cables to the test computer, and altered logs to try to hide his acts. HP says it spent more than $1 million trying to fix the problems. HP also alleges that the employee copied email records, accessed private computer systems, and transferred confidential information outside the company. HP is asking that the ex-employee be forced to pay unspecified damages. Omega's $10 million software bomb: Omega Engineering suffered losses of $10 million when a terminated network manager detonated a software time bomb he had previously planted in the network he helped create. The bomb paralyzed Omega, a manufacturer of high tech measurement and control devices used by the Navy and NASA. The malicious software code destroyed the programs that ran the company's manufacturing machines. One fateful morning, a worker at Omega's manufacturing plant booted up the central file server that housed more than 1,000 programs and the specifications for molds and templates. Immediately after the bootup, the server crashed, erasing and purging all the programs on it. The incident led to 80 layoffs, and the company says it caused the departure of several of its clients. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Jun 05 2002 - 04:02:31 PDT